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REMARKS 

Claims 1-29 were presented for examination and all claims were rejected. Applicants 
submit that pending claims 1-29 are patentable and in condition for allowance. 

The following comments address all stated grounds of rejection. Applicants respectfully 
traverse all rejections and urge the Examiner to pass the claims to allowance in view of the 
remarks set forth below. 

CLAIM REJECTIONS UNDER 35 U.S.C. $102 

I. Claims 1-3. 6, 12-14. 17 and 23-27 as Anticipated by Bisbee 

Claims 1-3, 6, 12-14, 17 and 23-27 are rejected as anticipated over U.S. Patent 
Publication No. 2002/0184217 Al to Bisbee et al. ("Bisbee") under 35 U.S.C. §102(e). Claims 1, 
12, and 24 are independent claims. Claims 2, 3 and 6 depend on and incorporate all of the 
patentable subject matter of independent claim 1. Claims 13, 14, 17 and 23 depend on and 
incorporate all of the patentable subject matter of independent claim 12. Claims 25-27 depend 
on and incorporate all of the patentable subject matter of independent claim 24. Applicants 
traverse this rejection and submit that Bisbee fails to disclose each and every element of the 
claimed invention. 

A. Independent Claims 1, 12, and 24 Not Anticipated By Bisbee 

A claim is anticipated only if each and every element as set forth in the claim is found, 
either expressly or inherently described, in a single prior art reference. Independent claims 1 and 
24 are directed towards methods, and independent claim 12 is directed towards a computer 
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system. These claims recite an enrollment administration system for specifying enrollment rules. 
The enrollment rules identify one or more users permitted to enroll one or more network 
resources for authorized remote access. These claims further recite an enrollment system 
configured to communicate with the enrollment administration system for enrolling by a user of 
the one or more users a first networked resource of the one or more network resources for remote 
access by the user if permitted by specified enrollment rules. Bisbee fails to disclose each and 
every element of the claimed invention. 

Bisbee fails to disclose an enrollment system in which one or more users are permitted 
via enrollment rules to enroll one or more network resources for remote access. Rather, Bisbee 
discloses an authentication system in which a user may securely log in for access based on 
authentication rules. The Examiner equates the rules database of Bisbee to the claimed 
enrollment administration system and the rules in the rules database to the claimed enrollment 
rules. However, the rules and the rules database are for authenticating a user, not for enrolling a 
network resource. The act of authenticating is distinct from enrolling one or more network 
resources for remote access: authentication simply verifies the identity of the user for logon. By 
analogy, presenting a student ID to attend class is not the same as originally enrolling in the 
class. Applying an authentication rule by an authentication system does not enroll by a user a 
network resource for remote access by the user - it merely verifies identity of the user at an entry 
point to a system. Thus, the rule database is merely an authentication database and the rules are 
merely authentication rules for verifying the identity of the user. Therefore, Bisbee does not 
disclose the enrollment system and enrollment rule features of the claimed invention. 

Moreover, the only enrollment described in Bisbee is the manual enrollment of a user by 
a system administrator (". . . even in a system such as that depicted in Fig. 1, a system 
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administrator usually must enroll a user with the system by entering identification, authorization, 
and attribute information that uniquely describe the user to the system." Bisbee, paragraph 40). 
Determinations of access privileges for users to limited sets of network resources are made 
manually by the administrator. Even an authenticated and identified non-administrative user has 
no ability to select new resources for enrollment. Furthermore, during this manual enrollment 
process, Bisbee does not apply any type of rules to system administrators for enrolling users. 
The process of enrolling a user by the system administrator in Bisbee is not dependent on the 
user having previously successfully enrolled for himself a network resource for remote access - 
if it were, no new user could ever be added to the system in Bisbee because a new user, by 
definition, would not have previously enrolled a network resource. Instead, the user enrollment 
of Bisbee merely identifies by a system administrator a valid user for future attempts by the user 
to logon to the system. In the claimed invention, the user enrolls for himself a network resource 
to access remotely. The user enrolls the resources for himself instead of another user, such as the 
system administrator, performing the enrollment. Permission for the user to enroll a network 
resources for himself is provided by the enrollment rules. Thus, Bisbee fails to disclose the self- 
enrollment features and enrollment administration system of the claimed invention. 

Furthermore, Bisbee fails to disclose a enrollment system configured to communicate 
with the enrollment administration system for enrolling by a first networked resource of one or 
more network resources for remote access by the user if permitted by specified enrollment rules. 
The Examiner equates the claimed enrollment system with the logon component of Bisbee in 
communication with the rules database to "determine if the requesting user is permitted to access 
the remote system resource". (Response to Arguments, Office Action of October 6, 2008, page 
11, Emphasis Added). The Examiner again incorrectly equates a user's access via the 
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authentication system to permission to enroll by a user a network resource for remote access by 
the user. Once a user is authenticated in Bisbee via authentication rules, the user has passed the 
entry point to the system to access whatever resources the system may determine the user has 
access to - this simply does not speak to whether or not the user is permitted to enroll a network 
resource to be accessed by the user remotely. Rather, once authenticated, the user in Bisbee has 
access to a predetermined set of network resources and may not modify that predetermined set. 
Additionally, the logon component does not enroll a network resource for remote access by the 
user, as any enrollment is performed manually by Bisbee's system administrator. The logon 
component merely facilitates verifying the identity of the user according to authentication rules. 
Even if the logon component was to be interpreted as performing an enrollment, it would merely 
enroll a user and not enroll network resources selected by the user for remote access by the user. 
Thus, Bisbee fails to disclose the enrollment system and enrolling of network resource features 
of the claimed invention. 

For at least the above-discussed reasons, Bisbee fails to disclose each and every feature 
of independent claims 1,12 and 24. Thus, Applicants submit independent claims 1,12 and 24 
are patentable and in condition for allowance. Claims 2, 3 and 6 depend on and incorporate all of 
the patentable subject matter of independent claim 1 . Claims 13, 14, 17 and 23 depend on and 
incorporate all of the patentable subject matter of independent claim 12. Claims 25-27 depend 
on and incorporate all of the patentable subject matter of independent claim 24. Thus, Bisbee 
fails to detract from the patentability of dependent claims 2, 3, 6, 13, 14, 17, 23, and 25-27. 
Accordingly, Applicants respectfully request the Examiner to reconsider and withdraw the 
rejection of claims 1-3, 6, 12-14, 17 and 23-27 under 35 U.S.C. §102. 
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DEPENDENT CLAIM REJECTIONS UNDER 35 U.S.C. $103 

II. Claims 4-5, 7-11. 15-16, 18-22 and 28-29 Rejected under 35 U.S.C. § 103(a) 

Claims 4-5,7-11, 15-16, 18-22 and 28-29 are rejected as unpatentable over Bisbee in 
view of U.S. Patent No. 6,898,682 B2 to Kelley et al. ("Kelley") under 35 U.S.C. § 103(a). 
Claims 4-5 and 7-1 1 depend on and incorporate all of the patentable subject matter of 
independent claim 1. Claims 15-16 and 18-22 depend on and incorporate all of the patentable 
subject matter of independent claim 12. Claims 28-29 depend on and incorporate all of the 
patentable subject matter of independent claim 24. Applicants respectfully traverse these 
rejections and submit that Bisbee and Kelley, alone or in combination, fail to teach or suggest 
each and every feature of the claimed invention. 

A. Dependent Claims 4-5. 7-11. 15-16. 18-22 and 28-29 Patentable 

In view of these arguments above in connection with the rejection of independent claims 
1, 12 and 24, Applicants submit that independent claims 1,12 and 24 are patentable and in 
condition for allowance. Claims 4-5 and 7-1 1 depend on and incorporate all of the patentable 
subject matter of independent claim 1. Claims 15-16 and 18-22 depend on and incorporate all of 
the patentable subject matter of independent claim 12. Claims 28-29 depend on and incorporate 
all of the patentable subject matter of independent claim 24. Thus, Applicants submit that claims 
4-5, 7-11, 15-16, 18-22 and 28-29 are also patentable and in condition for allowance. 

Furthermore, Bisbee and Kelley, alone or in combination, do not teach or suggest each 
and every feature of the claimed invention. The Examiner cites Kelley for the purpose of 
describing a remote access system wherein the access system is software, where the access is 
through vpn, where the enrollment system is a network application, and where the location of a 
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user may be determined. Neither Kelley nor Bisbee teach or suggest an enrollment 
administration system in which one or more users may enroll themselves for access to one or 
more network resources. Thus, Kelley and Bisbee, alone or in combination, fail to teach or 
suggest every feature of the claimed invention. 

Because Bisbee and Kelley, alone or combination, fail to teach or suggest each and every 
feature of the claimed invention, Applicants submit that these references fail to detract from the 
patentability of independent claims 1, 12 and 24 and dependent claims 4-5, 7-11, 15-16, 18-22 
and 28-29. Therefore, Applicants respectfully request the examiner to withdraw the rejection of 
claims 4-5,7-11, 15-16, 18-22 and 28-29 under 35 U.S.C. §103. 

CONCLUSION 

In light of the aforementioned amendments and arguments, Applicants contend that each 
of the Examiners rejections has been adequately addressed and all of the pending claims are in 
condition for allowance. Accordingly, Applicants respectfully request reconsideration, 
withdrawal of all grounds of rejection, and allowance of all of the pending claims. 

Should the Examiner feel that a telephone conference with Applicants' attorney would 
expedite prosecution of this application, the Examiner is urged to contact the Applicants' 
attorney at the telephone number identified below. 

Respectfully submitted, 

CHOATE, HALL & STEWART, LLP 
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/Christopher J. McKenna/ 
Christopher J. McKenna 
Registration No. 53,302 
Attorney for Applicants 

Choate, Hall & Stewart, LLP 
Two International Place 
Boston, MA 021 10 
(617) 248-5000 



